Learn more on how Netenrich leverages the potential of Content Management System in Resolution Intelligence Cloud from the following video.
Chronicle enables you to view telemetry, entity context, relationships, and vulnerabilities as a single detection within your Chronicle account. It provides entity contextualization to enable you to understand both the behavioral patterns in telemetry and the context of those impacted entities from those patterns.
Examples:
- Surfacing the permissions for an account on which a brute force login is being attempted.
- Importance of data hosted by an asset that is also the source of outbound network activity.
Chronicle Content Management System consists of the following entities.
With Chronicle content management system, you can manage multiple chronicle instances from single page. It enables role-based access control to create, review and publish content.
Resolution Intelligence supports multitenancy where you can create multiple organizations and tenants in a hierarchical manner in order to serve the chronicle instances that created at your end.
Resolution Intelligence Security platform consists of three levels of hierarchy for deploying rules on top of the Chronicle data -- Domain, Organization and Tenant. Again, there are three user roles such as Creator, Publisher, and Viewer under each category.
| Role | Description |
|---|---|
| Creator | Access to configure new set of detection rules, content packs, filters and parsers. |
| Viewer | Access to view only |
| Publisher | Review and Publish detection rules, content packs, filters and parsers. |
Resolution Intelligence Security platform is capable of showing the audit log on the different activities carried out by each individual or a group.
Comments
0 comments
Please sign in to leave a comment.